feat: store date and name of keys

Author: fabiovincenzi

src/db/file/users.ts

@@ -1,6 +1,6 @@
 import fs from 'fs';
 import Datastore from '@seald-io/nedb';
-import { User } from '../types';
+import { PublicKeyRecord, User } from '../types';
 
 const COMPACTION_INTERVAL = 1000 * 60 * 60 * 24; // once per day
 
@@ -138,60 +138,72 @@ export const getUsers = (query: any = {}) => {
   });
 };
 
-export const getPublicKeys = (username: string): Promise<string[]> => {
+export const getPublicKeys = (username: string): Promise<PublicKeyRecord[]> => {
   return findUser(username).then((user) => {
     if (!user) {
       throw new Error('User not found');
     }
-    return user.publicKeys || [];
+    return Array.isArray(user.publicKeys) ? user.publicKeys : [];
   });
 };
 
-export const addPublicKey = function (username: string, publicKey: string) {
-  return new Promise<User>((resolve, reject) => {
+export const addPublicKey = (username: string, record: PublicKeyRecord): Promise<User> =>
+  new Promise<User>((resolve, reject) => {
     findUser(username)
       .then((user) => {
         if (!user) {
           reject(new Error('User not found'));
           return;
         }
-        if (!user.publicKeys) {
-          user.publicKeys = [];
-        }
-        if (!user.publicKeys.includes(publicKey)) {
-          user.publicKeys.push(publicKey);
-          exports.updateUser(user).then(resolve).catch(reject);
-        } else {
-          resolve(user);
-        }
+        if (!Array.isArray(user.publicKeys)) user.publicKeys = [];
+
+        const exists = user.publicKeys.some((r) => r.key === record.key);
+        if (exists) return resolve(user);
+
+        user.publicKeys.push({
+          ...record,
+          addedAt: record.addedAt ?? new Date().toISOString(),
+        });
+
+        updateUser(user)
+          .then(() => resolve(user))
+          .catch(reject);
       })
       .catch(reject);
   });
-};
 
-export const removePublicKey = function (username: string, publicKey: string) {
+export const removePublicKey = function (username: string, canonicalKey: string) {
   return new Promise<User>((resolve, reject) => {
     findUser(username)
       .then((user) => {
         if (!user) {
           reject(new Error('User not found'));
           return;
         }
-        if (!user.publicKeys) {
+
+        if (!Array.isArray(user.publicKeys)) {
           user.publicKeys = [];
-          resolve(user);
-          return;
+          return resolve(user);
         }
-        user.publicKeys = user.publicKeys.filter((key) => key !== publicKey);
-        exports.updateUser(user).then(resolve).catch(reject);
+
+        const before = user.publicKeys.length;
+        user.publicKeys = user.publicKeys.filter((rec) => rec.key !== canonicalKey);
+
+        if (user.publicKeys.length === before) {
+          return reject(new Error('SSH key not found'));
+        }
+
+        updateUser(user)
+          .then(() => resolve(user))
+          .catch(reject);
       })
       .catch(reject);
   });
 };
 
-export const findUserBySSHKey = function (sshKey: string) {
-  return new Promise<User | null>((resolve, reject) => {
-    db.findOne({ publicKeys: sshKey }, (err, doc) => {
+export const findUserBySSHKey = (sshKey: string): Promise<User | null> =>
+  new Promise((resolve, reject) => {
+    db.findOne({ 'publicKeys.key': sshKey }, (err, doc) => {
       if (err) {
         reject(err);
       } else {
@@ -203,4 +215,3 @@ export const findUserBySSHKey = function (sshKey: string) {
       }
     });
   });
-};

src/db/mongo/users.ts

@@ -1,4 +1,4 @@
-import { User } from '../types';
+import { PublicKeyRecord, User } from '../types';
 
 const connect = require('./helper').connect;
 const collectionName = 'users';
@@ -48,31 +48,44 @@ export const updateUser = async (user: User) => {
   await collection.updateOne({ username: user.username }, { $set: user }, options);
 };
 
-export const addPublicKey = async (username: string, publicKey: string) => {
+export const addPublicKey = async (username: string, record: PublicKeyRecord) => {
   const collection = await connect(collectionName);
+
   return collection.updateOne(
-    { username: username.toLowerCase() },
-    { $addToSet: { publicKeys: publicKey } },
+    {
+      username: username.toLowerCase(),
+      'publicKeys.key': { $ne: record.key },
+    },
+    {
+      $push: {
+        publicKeys: {
+          key: record.key,
+          name: record.name,
+          addedAt: record.addedAt ?? new Date().toISOString(),
+        },
+      },
+    },
   );
 };
 
-export const removePublicKey = async (username: string, publicKey: string) => {
+export const removePublicKey = async (username: string, canonicalKey: string) => {
   const collection = await connect(collectionName);
+
   return collection.updateOne(
     { username: username.toLowerCase() },
-    { $pull: { publicKeys: publicKey } },
+    { $pull: { publicKeys: { key: canonicalKey } } },
   );
 };
 
-export const findUserBySSHKey = async function (sshKey: string) {
+export const findUserBySSHKey = async (sshKey: string): Promise<User | null> => {
   const collection = await connect(collectionName);
-  return collection.findOne({ publicKeys: { $eq: sshKey } });
+  return collection.findOne({ 'publicKeys.key': sshKey });
 };
 
-export const getPublicKeys = async function (username: string): Promise<string[]> {
-  const user = await findUser(username);
+export const getPublicKeys = async (username: string): Promise<PublicKeyRecord[]> => {
+  const user = await findUser(username.toLowerCase());
   if (!user) {
     throw new Error('User not found');
   }
-  return user.publicKeys || [];
+  return Array.isArray(user.publicKeys) ? user.publicKeys : [];
 };

src/db/types.ts

@@ -15,6 +15,12 @@ export type Repo = {
   _id: string;
 };
 
+export type PublicKeyRecord = {
+  key: string;
+  name: string;
+  addedAt: string;
+};
+
 export type User = {
   _id: string;
   username: string;
@@ -23,7 +29,7 @@ export type User = {
   email: string;
   admin: boolean;
   oidcId: string | null;
-  publicKeys: string[];
+  publicKeys: PublicKeyRecord[];
 };
 
 export type Push = {

src/service/routes/users.js

@@ -23,7 +23,7 @@ router.get('/', async (req, res) => {
   for (const user of users) {
     delete user.password;
     if (user.publicKeys) {
-      user.publicKeys = user.publicKeys.map((key) => key.trim());
+      user.publicKeys = user.publicKeys.map((rec) => rec.key.trim());
     }
   }
   res.send(users);
@@ -53,7 +53,10 @@ router.post('/:username/ssh-keys', async (req, res) => {
     return;
   }
 
-  const { publicKey } = req.body;
+  const { publicKey, name } = req.body;
+
+  if (!name || typeof name !== 'string')
+    return res.status(400).json({ error: 'Key name is required' });
   if (!publicKey) {
     res.status(400).json({ error: 'Public key is required' });
     return;
@@ -67,7 +70,12 @@ router.post('/:username/ssh-keys', async (req, res) => {
   }
 
   try {
-    await db.addPublicKey(targetUsername, canonicalKey);
+    const record = {
+      key: canonicalKey,
+      name: name.trim(),
+      addedAt: new Date().toISOString(),
+    };
+    await db.addPublicKey(targetUsername, record);
     res.status(201).json({ message: 'SSH key added successfully' });
   } catch (error) {
     console.error('Error adding SSH key:', error);
@@ -127,17 +135,16 @@ router.delete('/:username/ssh-keys/fingerprint', async (req, res) => {
 
   try {
     const keys = await db.getPublicKeys(targetUsername);
-    console.log(`Found ${keys} keys for user ${targetUsername}`);
-    const keyToDelete = keys.find((k) => {
-      const keyFingerprint = fingerprintSHA256(k);
+    const keyToDelete = keys.find((rec) => {
+      const keyFingerprint = fingerprintSHA256(rec.key);
       return keyFingerprint === fingerprint;
     });
 
     if (!keyToDelete) {
       return res.status(404).json({ error: 'SSH key not found for supplied fingerprint' });
     }
 
-    await db.removePublicKey(targetUsername, keyToDelete);
+    await db.removePublicKey(targetUsername, keyToDelete.key);
     res.status(200).json({ message: 'SSH key removed successfully' });
   } catch (err) {
     console.error('Error removing SSH key:', err);
@@ -159,7 +166,11 @@ router.get('/:username/ssh-keys', async (req, res) => {
 
   try {
     const keys = await db.getPublicKeys(targetUsername);
-    const result = keys.map((k) => fingerprintSHA256(k));
+    const result = keys.map((rec) => ({
+      name: rec.name,
+      fingerprint: fingerprintSHA256(rec.key),
+      addedAt: rec.addedAt,
+    }));
 
     res.status(200).json({ publicKeys: result });
   } catch (err) {